HackDig : Dig high-quality web security articles for hacker

Cybercrime operations can be intricate and elaborate, with careful planning needed to navigate the various obstacles separating an attacker from a payout. Yet reports on these operations are often fragmentary, as the full scope of attacker activity typically occurs beyond the view of any one group of investigators.
FireEye Threat Intelligence and iSIGHT Part

At iSIGHT Partners, we are often asked exactly how cyber threat intelligence benefits different groups within an IT organization. To answer those questions, we are publishing a series of posts on CTI use cases for the SOC Level 1 Analyst, the Incident Responder, the CISO, the Threat Intelligence Analyst, the NOC Analyst, and the team responsible for vulnerab

Read the first post on this topic here.
How the SOC Uses Cyber Threat Intelligence
In our previous post we introduced three use cases of how cyber threat intelligence helps SOC Level 1 analysts. Those use cases are summarized in this table:
Figure 1: Cyber Threat Intelligence Use Cases for SOC Level 1 analysts
In this post we discuss exactly how cyber thr

A Look at Shifu – Behavior, Capabilities and Communications…
As part of our normal course of operations as a cyber threat intelligence provider, we monitor the cyber crime underground and provide analysis to our clients on new and emerging threats. As you can imagine, we naturally run into large quantities of malware on a daily basis. From time t

This is Cool Stuff…
When we launched the second revision of our ThreatScape API early this year, we were extremely excited about the pivot functionality we added as we heard from a number of customers doing security operations and incident response that they needed functionality to rapidly move between data and intelligence for correlation and alert pr

So what is this all about??
As part of our normal course of operations as a cyber threat intelligence provider, we monitor the cyber crime underground and the world of cyber espionage. We provide analysis to our clients on new and emerging threats as well as help them analyze artifacts found on their networks. As you can imagine, we naturally run into larg

Monitoring TeslaCrypt…
As part of our normal course of operations as a cyber threat intelligence provider, we monitor the cyber crime underground and provide analysis to our clients on new and emerging threats. As you can imagine, we naturally run into large quantities of malware on a daily basis. From time to time, we release findings to the public in